We recently released the MITRE Shield Active Defense Knowledge Base — which was developed from our first-hand experience with defending MITRE’s corporate network. Since then, we’ve gotten many questions about Shield and our approach to active defense. We’d like to take a step back and answer some of these key questions. While these do not reflect all of the questions we have received, they do address topics that have been asked multiple times.

Why did you choose to call Shield an ‘Active Defense’ knowledge base?

We wanted to raise awareness and stimulate conversation about defenders taking a less passive, more active mindset. We defenders are in a contest with adversaries who are determined and constantly evolving. To succeed, we need to better understand what cyber adversaries do, what’s working (and not working) in our defense strategies, and how we might shift the game in our advantage. …


Welcome to the MITRE Shield blog! Our team is excited to have another way to start conversations about the use of active defense, Cyber deception, and adversary engagement.

The MITRE Shield team is made up of security practitioners who use active defense techniques to defend our organization’s network. We hope to share our knowledge of how we apply those techniques in an informative and helpful manner. Writing blog posts is not our “day” job, so we recognize that they may not be as polished as sites with dedicated teams. We will strive to bring you content on a wide range of topics and from various points of view. …

Christina Fowler

Chief Cyber Intel Strategist, MITRE Shield Team Member

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store